Microsoft
Microsoft Warns of COLDRIVER's Evolving Evasion and Credential-Stealing Tactics
The threat actor known as COLDRIVER has improved its detection evasion capabilities while continuing to engage in credential theft against organizations of interest to Russia. The Microsoft Threat Intelligence team tracks the group as Star Blizzard (formerly SEABORGIUM). It targets individuals and organizations related to Ukraine, as well as academia, information security companies, and entities of interest to the Russian state. Star Blizzard, which is linked to the FSB, has a record of setting up lookalike domains and is known to be active.
https://thehackernews.com/2023/12/microsoft-warns-of-coldrivers-evolving.html